Hi,

I have a Linux PC in my office, which is in a LAN that have a IP
address of 192.168.0.8. The Linux can connect to internet by company's
router. But I can't tell the network administrator to do anything,
such as open a NAT port in the router.

Sometimes I am in home and want to continue my work, so in my
circumstance is it possible for me to ssh to my office PC?

Thanks.
Bin Chen

[ Post a follow-up to this message ]

Bin Chen :
> Hi,
>
> I have a Linux PC in my office, which is in a LAN that have a IP
> address of 192.168.0.8. The Linux can connect to internet by company's
> router. But I can't tell the network administrator to do anything,
> such as open a NAT port in the router.
If you can't use the NAT mechanism, I think maybe you can let your
office connect to your home computor actively!

> Sometimes I am in home and want to continue my work, so in my
> circumstance is it possible for me to ssh to my office PC?
>
> Thanks.
> Bin Chen
>

[ Post a follow-up to this message ]

Bin Chen wrote:
> Hi,
>
> I have a Linux PC in my office, which is in a LAN that have a IP
> address of 192.168.0.8. The Linux can connect to internet by company's
> router. But I can't tell the network administrator to do anything,
> such as open a NAT port in the router.
>
> Sometimes I am in home and want to continue my work, so in my
> circumstance is it possible for me to ssh to my office PC?

Install a bot for your favorite IM system (Jabber(gmail), ICQ/AIM, YIM,
MSN) and use it to control your office or home machine.

[ Post a follow-up to this message ]

Bin Chen wrote:
> I have a Linux PC in my office, which is in a LAN that have a IP
> address of 192.168.0.8. The Linux can connect to internet by company's
> router. But I can't tell the network administrator to do anything,
> such as open a NAT port in the router.

192.168.x.x are all unroutable addresses.  They are only allowed on
private networks that do not directly connect to the Internet.  Therefore,
it is impossible (without support from the NAT router) for your home
machine to initiate a connection to the machine:  192.168.0.8 is not public,
so there is no way for your home machine to specify a destination address.

One possible solution, if your home machine has a public IP address,
is set up a VPN link.  Your Linux PC at the office would initiate the connec
tion
(either TCP or UDP) that carries the VPN data, your home machine would
accept the connection, and both machines would join a virtual network,
giving each machine an additional IP address on the virtual network.

However, there are security implications to this.  You are creating a link
where packets can flow without being filtered.  You would want to check
with your network administrator to find out if this violates company policy.
It is usually not worth it for the company if you can work from home but
the cost is greater uncertainty and complication when it comes to security.

If they don't have a problem with setting up a VPN, then some fairly good
VPN software is OpenVPN (www.openvpn.org).  It's cross-platform, and
on Linux, I believe it can often be installed without rebuilding the kernel.
(It doesn't require its own kernel module; it just requires that some standa
rd
modules are already included.)

- Logan

[ Post a follow-up to this message ]

"Bin Chen" <binary.chen@gmail.com> wrote in message
news:1169980648.134879.14620@h3g2000cwc.googlegroups.com...
> Hi,
>
> I have a Linux PC in my office, which is in a LAN that have a IP
> address of 192.168.0.8. The Linux can connect to internet by company's
> router. But I can't tell the network administrator to do anything,
> such as open a NAT port in the router.
>
> Sometimes I am in home and want to continue my work, so in my
> circumstance is it possible for me to ssh to my office PC?

In addition to the solutions suggested by other posters, you might try
setting up a server outside the company and using that.  Sometimes that is
the cleanest solution depending on your needs.  You can use the same server,
both from work and home.

It depends on what you're trying to accomplish.  For version control and
certain other applications, it works great.

--
David T. Ashley              (dta@e3ft.com)
http://www.e3ft.com          (Consulting Home Page)
http://www.dtashley.com      (Personal Home Page)
http://gpl.e3ft.com          (GPL Publications and Projects)

[ Post a follow-up to this message ]